EncryptionKeyId

adaptive_pipeline_domain::value_objects::encryption_key_id

Struct EncryptionKeyId 

Source 
pub struct EncryptionKeyId(/* private fields */);
Expand description

Encryption key identifier value object for secure key management

This value object provides type-safe encryption key references with comprehensive validation, key rotation support, and environment-aware key management capabilities. It implements Domain-Driven Design (DDD) value object patterns with immutable semantics and business rule enforcement.

§Key Features

  • Type Safety: Strongly-typed key identifiers that cannot be confused with strings
  • Format Validation: Comprehensive validation of key ID format and constraints
  • Key Rotation: Built-in support for key versioning and rotation
  • Environment Awareness: Automatic detection of production/development environments
  • Algorithm Support: Multi-algorithm key identification and validation
  • Immutable Semantics: Value objects that cannot be modified after creation

§Key ID Format

The key ID follows a structured format: {algorithm}-{version}-{identifier}

§Examples

  • aes256-v1-prod-2024 - AES-256 production key, version 1
  • chacha20-v2-dev-abc123 - ChaCha20 development key, version 2
  • rsa2048-v3-staging-key001 - RSA-2048 staging key, version 3

§Constraints

  • Length: 8-64 characters total
  • Characters: Alphanumeric, hyphens (-), underscores (_)
  • Structure: Must contain at least 2 separators
  • Validation: Cannot start or end with separators

§Security Considerations

  • Environment Separation: Clear separation between production and development keys
  • Access Control: Environment-based access control patterns
  • Audit Trail: Complete key usage and lifecycle tracking
  • Key Rotation: Regular key rotation with version management

§Usage Examples

§Cross-Platform Compatibility

  • Rust: EncryptionKeyId newtype wrapper
  • Go: EncryptionKeyID struct with equivalent interface
  • JSON: String representation for API compatibility
  • Database: TEXT column with validation constraints

Implementations§

Source§

impl EncryptionKeyId

Source

pub fn new(key_id: String) -> Result<Self, PipelineError>

Creates a new encryption key ID with format validation

§Purpose

Creates a type-safe encryption key identifier with comprehensive format validation. Supports structured key IDs with algorithm, version, and identifier components.

§Why

Type-safe key IDs provide:

  • Prevention of key management errors
  • Structured key versioning and rotation
  • Environment separation (production/development)
  • Audit trail support
§Arguments
  • key_id - Key identifier string (format: algorithm-version-identifier)
§Returns
  • Ok(EncryptionKeyId) - Valid key ID
  • Err(PipelineError::InvalidConfiguration) - Invalid format
§Errors
  • Key ID is empty or < 8 characters
  • Key ID exceeds 64 characters
  • Contains invalid characters
  • Starts/ends with separator
  • Missing required components
§Examples
Source

pub fn parse(key_id: &str) -> Result<Self, PipelineError>

Creates an encryption key ID from a string slice

Source

pub fn value(&self) -> &str

Gets the key ID string

Source

pub fn algorithm(&self) -> Option<&str>

Extracts the algorithm from the key ID

Source

pub fn version(&self) -> Option<&str>

Extracts the version from the key ID

Source

pub fn identifier(&self) -> Option<&str>

Extracts the identifier portion from the key ID

Source

pub fn is_production(&self) -> bool

Checks if this is a production key

Source

pub fn is_development(&self) -> bool

Checks if this is a development key

Source

pub fn supports_algorithm(&self, algorithm: &str) -> bool

Checks if this key supports the given algorithm

Source

pub fn version_number(&self) -> Option<u32>

Gets the key version number if available

Source

pub fn next_version(&self) -> Result<Self, PipelineError>

Creates a new version of this key for key rotation

§Purpose

Generates the next version of the encryption key for key rotation. Automatically increments version number while preserving algorithm and identifier.

§Why

Key rotation provides:

  • Enhanced security through regular key updates
  • Backward compatibility with version tracking
  • Automated versioning without manual configuration
  • Audit trail of key lifecycle
§Returns
  • Ok(EncryptionKeyId) - Next version of the key
  • Err(PipelineError) - Invalid format or rotation failed
§Errors

Returns error if key ID format doesn’t support versioning.

§Examples
Source

pub fn validate(&self) -> Result<(), PipelineError>

Validates the encryption key ID

Source§

impl EncryptionKeyId

Predefined encryption key ID builders

Source

pub fn aes256(version: u32, identifier: &str) -> Result<Self, PipelineError>

Creates an AES-256 key ID

Source

pub fn chacha20(version: u32, identifier: &str) -> Result<Self, PipelineError>

Creates a ChaCha20 key ID

Source

pub fn production( algorithm: &str, version: u32, identifier: &str, ) -> Result<Self, PipelineError>

Creates a production key ID

Source

pub fn development( algorithm: &str, version: u32, identifier: &str, ) -> Result<Self, PipelineError>

Creates a development key ID

Trait Implementations§

Source§

impl AsRef<str> for EncryptionKeyId

Source§

fn as_ref(&self) -> &str

Converts this type into a shared reference of the (usually inferred) input type.
Source§

impl Clone for EncryptionKeyId

Source§

fn clone(&self) -> EncryptionKeyId

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for EncryptionKeyId

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Display for EncryptionKeyId

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl From<EncryptionKeyId> for String

Source§

fn from(key_id: EncryptionKeyId) -> Self

Converts to this type from the input type.
Source§

impl FromStr for EncryptionKeyId

Source§

type Err = PipelineError

The associated error which can be returned from parsing.
Source§

fn from_str(s: &str) -> Result<Self, Self::Err>

Parses a string s to return a value of this type. Read more
Source§

impl Hash for EncryptionKeyId

Source§

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher. Read more
1.3.0 · Source§

fn hash_slice<H>(data: &[Self], state: &mut H)
where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Read more
Source§

impl Ord for EncryptionKeyId

Source§

fn cmp(&self, other: &EncryptionKeyId) -> Ordering

This method returns an Ordering between self and other. Read more
1.21.0 · Source§

fn max(self, other: Self) -> Self
where Self: Sized,

Compares and returns the maximum of two values. Read more
1.21.0 · Source§

fn min(self, other: Self) -> Self
where Self: Sized,

Compares and returns the minimum of two values. Read more
1.50.0 · Source§

fn clamp(self, min: Self, max: Self) -> Self
where Self: Sized,

Restrict a value to a certain interval. Read more
Source§

impl PartialEq for EncryptionKeyId

Source§

fn eq(&self, other: &EncryptionKeyId) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl PartialOrd for EncryptionKeyId

Source§

fn partial_cmp(&self, other: &EncryptionKeyId) -> Option<Ordering>

This method returns an ordering between self and other values if one exists. Read more
1.0.0 · Source§

fn lt(&self, other: &Rhs) -> bool

Tests less than (for self and other) and is used by the < operator. Read more
1.0.0 · Source§

fn le(&self, other: &Rhs) -> bool

Tests less than or equal to (for self and other) and is used by the <= operator. Read more
1.0.0 · Source§

fn gt(&self, other: &Rhs) -> bool

Tests greater than (for self and other) and is used by the > operator. Read more
1.0.0 · Source§

fn ge(&self, other: &Rhs) -> bool

Tests greater than or equal to (for self and other) and is used by the >= operator. Read more
Source§

impl Eq for EncryptionKeyId

Source§

impl StructuralPartialEq for EncryptionKeyId

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> Pointable for T

Source§

const ALIGN: usize

The alignment of pointer.
Source§

type Init = T

The type for initializers.
Source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
Source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
Source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
Source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V